Solved

How to restrict inbound and outbound internet e-mail traffic from and to active directory group

Posted on 2008-09-29
4
448 Views
Last Modified: 2011-10-19
We pretend to allow only a list of inbound/outbound emails address to an Active Directory Group.

It's factible in a Exchange 2003 scenario?

user@mydomain.com will permit only e-mails from user@partner.com, user@partner2.com
user@mydomain.com will send e-mails only to user@partner.com, user@partner2.com

This users are grouped in Active directory.  The contacts of partners exists in AD

any suggestion?

BADBOY
0
Comment
Question by:bad3000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 16

Assisted Solution

by:robrandon
robrandon earned 40 total points
ID: 22597647
On the Exchange General tab for the DL and Contacts you can set which accounts it can receive from.  Just add such accounts to that listbox.

0
 
LVL 1

Author Comment

by:bad3000
ID: 22601353
I've set as is shown in the attached file
It started to work for inbound email after MSExchangeSA service was restarted.

But how i tell Exchange to send email only to a list, there is no setting here to "Deliver only to"

thnks
exchange-user.jpg
0
 
LVL 16

Assisted Solution

by:robrandon
robrandon earned 40 total points
ID: 22605594
So you want to setup an account that can only send to particular addresses?  I'm not sure that is possible.

I thought you were trying to restrict the sending to a DL and to Contacts.  Both, the DL and the Contacts will have the properties window in your screenshot so you can restrict who can send to them.

0
 
LVL 1

Accepted Solution

by:
bad3000 earned 0 total points
ID: 22650988
For Outbound filtering:
- We set a Outbound Rule in the gateway antispam server (Symantec Mail Security for SMTP)
- We apply the action of delete the message when it came from "Restricted Outbound Users" LDAP Group in sync with AD GC
- We set a exception when Recipient Envelope has one of the authorized domains
- It cannot be set user by user, but the outbound rule applies for any LDAP group, so i can restrict some groups with only one member.
- I can apply authorized domains o specific e-mail addresses for any LDAP Group

For Inbound Filtering:
robrandon and the suggestion stated was perfect.
- we also need to permit internal mails and some external contacts only so we cannot mark "Authenticated Users Only"
- we created a Exchange Query Based Group with all internal users in a LDAP Query and we added it to the dialog box "only from"

that's all

BADBOY
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
how to add IIS SMTP to handle application/Scanner relays into office 365.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question